ICONICS GenBroker64, Platform Services, Workbench, FrameWorX Server Security Vulnerabilities

openSUSE: Security Advisory for booth (SUSE-SU-2024:2040-1)

The remote host is missing an update for...

SUSE: Security Advisory (SUSE-SU-2024:2080-1)

The remote host is missing an update for...

Fedora: Security Advisory for webkitgtk (FEDORA-2024-4d71f28349)

The remote host is missing an update for...

PHP vulnerability

Releases Ubuntu 24.04 LTS Ubuntu 23.10 Ubuntu 22.04 LTS Ubuntu 20.04 LTS Packages php7.4 - HTML-embedded scripting language interpreter php8.1 - HTML-embedded scripting language interpreter php8.2 - server-side, HTML-embedded scripting language (metapackage) php8.3 - server-side, HTML-embedded...

Oracle Linux 8 : container-tools:ol8 (ELSA-2024-3968)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3968 advisory. aardvark-dns [2:1.10.0-1] - update to https://github.com/containers/aardvark-dns/releases/tag/v1.10.0 - Related: Jira:RHEL-2110 [2:1.9.0-1] -...

Ubuntu 22.04 LTS : Linux kernel (HWE) vulnerabilities (USN-6818-4)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6818-4 advisory. Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer...

Fedora 40 : composer (2024-9ed24c98cd)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-9ed24c98cd advisory. Version 2.7.7 2024-06-10 * Security: Fixed command injection via malicious git branch name (GHSA-47f6-5gq3-vx9c / CVE-2024-35241 ) *...

openSUSE: Security Advisory for booth (SUSE-SU-2024:2042-1)

The remote host is missing an update for...

SUSE: Security Advisory (SUSE-SU-2024:2077-1)

The remote host is missing an update for...

Oracle Linux 7 : glibc (ELSA-2024-12444)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12444 advisory. [2.17-326.0.9.3] - Forward-port Oracle patches to 2.17-326.3 Reviewed-by: Jose E. Marchesi <[email protected]> Oracle history: ...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : MozillaFirefox (SUSE-SU-2024:2061-1)

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2061-1 advisory. - Update to version 115.12.0 ESR (bsc#1226027) - CVE-2024-5702: Use-after-free in networking -.....

Nextcloud Server < 25.0.13.7, 26.x < 26.0.13, 27.x < 27.1.8, 28.x < 28.0.4 Improper Access Control Vulnerability (GHSA-xwgx-f37p-xh8c)

Nextcloud Server is prone to an improper access control ...

FreeBSD : chromium -- multiple security fixes (453aa0fc-2d91-11ef-8a0f-a8a1599412c6)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 453aa0fc-2d91-11ef-8a0f-a8a1599412c6 advisory. Chrome Releases reports: This update includes 21 security fixes: Tenable has extracted the...

SUSE: Security Advisory (SUSE-SU-2024:2065-1)

The remote host is missing an update for...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : webkit2gtk3 (SUSE-SU-2024:2065-1)

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2065-1 advisory. - Update to version 2.44.2 - CVE-2024-27834: Fixed a vulnerability where an attacker with...

RHEL 8 / 9 : OpenShift Container Platform 4.14.30 (RHSA-2024:3918)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3918 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private...

VMware vCenter Server 7.0 < 7.0U3r / 8.0 < 8.0U2d Multiple Vulnerabilities (VMSA-2024-0012)

The version of VMware vCenter Server installed on the remote host is 7.0 prior to 7.0U3r, or 8.0 prior to 8.0U2d. It is, therefore, affected by a partial information disclosure vulnerability as referenced in the VMSA-2024-0012 advisory: The vCenter Server contains multiple heap-overflow...

CVE-2024-6146 Actiontec WCB6200Q uh_get_postdata_withupload Stack-based Buffer Overflow Remote Code Execution Vulnerability

Actiontec WCB6200Q uh_get_postdata_withupload Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this...

CVE-2024-6146 Actiontec WCB6200Q uh_get_postdata_withupload Stack-based Buffer Overflow Remote Code Execution Vulnerability

Actiontec WCB6200Q uh_get_postdata_withupload Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this...

CVE-2024-6145 Actiontec WCB6200Q Cookie Format String Remote Code Execution Vulnerability

Actiontec WCB6200Q Cookie Format String Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The specific flaw...

CVE-2024-6144 Actiontec WCB6200Q Multipart Boundary Stack-based Buffer Overflow Remote Code Execution Vulnerability

Actiontec WCB6200Q Multipart Boundary Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this...

CVE-2024-6143 Actiontec WCB6200Q uh_tcp_recv_header Buffer Overflow Remote Code Execution Vulnerability

Actiontec WCB6200Q uh_tcp_recv_header Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The...

CVE-2024-6142 Actiontec WCB6200Q uh_tcp_recv_content Buffer Overflow Remote Code Execution Vulnerability

Actiontec WCB6200Q uh_tcp_recv_content Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The...

linux-hwe-6.5 vulnerabilities

Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service (system crash). (CVE-2023-6356, CVE-2023-6535, CVE-2023-6536) It was.....

Security Bulletin: Multiple vulnerabilities in IBM WebSphere Application Server Liberty, libcurl, Apache Xerces C++ XML parser, and Newtonsoft.Json may affect IBM Storage Protect for Virtual Environments: Data Protection for Hyper-V

Summary IBM Storage Protect for Virtual Environments: Data Protection for Hyper-V can be affected by security flaws in IBM WebSphere Application Server Liberty, libcurl, Apache Xerces C++ XML parser, and Newtonsoft.Json. The flaws can lead to server-side request forgery, bypass of security...

Security Bulletin: Multiple vulnerabilities in IBM WebSphere Application Server Liberty, OpenSSL, libcurl, and Apache Xerces C++ XML parser may affect IBM Storage Protect for Virtual Environments: Data Protection for VMware

Summary IBM Storage Protect for Virtual Environments: Data Protection for VMware can be affected by security flaws in IBM WebSphere Application Server Liberty, OpenSSL, libcurl, and Apache Xerces C++ XML parser, and Data Protection for VMware. The flaws can lead to server-side request forgery,...

Security Bulletin: Multiple vulnerabilities in IBM WebSphere Application Server Liberty, OpenSSL, libcurl, and Apache Xerces C++ XML parser may affect IBM Storage Protect Backup-Archive Client

Summary IBM Storage Protect Backup-Archive Client can be affected by security flaws in IBM WebSphere Application Server Liberty, OpenSSL, libcurl, and Apache Xerces C++ XML parser. The flaws can lead to server-side request forgery, bypass of security restrictions, denial of service, and arbitrary.....

Exploit for Improper Input Validation in Microsoft

About CVE-2024-30078 and the Corresponding KB Update...

Security Bulletin: Multiple Vulnerabilities have been identified in IBM Db2 shipped with IBM WebSphere Remote Server

Summary IBM Db2 is shipped with IBM WebSphere Remote Server. Information about security vulnerabilities affecting IBM Db2 have been published in a security bulletin CVE-2023-45853, CVE-2023-29267, CVE-2024-25710, CVE-2024-26308, CVE-2023-45178, CVE-2024-28762, CVE-2024-28757, CVE-2024-29025,...

CVE-2024-37904

Minder is an open source Software Supply Chain Security Platform. Minder's Git provider is vulnerable to a denial of service from a maliciously configured GitHub repository. The Git provider clones users repositories using the github.com/go-git/go-git/v5 library on lines L55-L89. The Git provider.....

CVE-2024-37904

Minder is an open source Software Supply Chain Security Platform. Minder's Git provider is vulnerable to a denial of service from a maliciously configured GitHub repository. The Git provider clones users repositories using the github.com/go-git/go-git/v5 library on lines L55-L89. The Git provider.....

CVE-2024-37904

Minder is an open source Software Supply Chain Security Platform. Minder's Git provider is vulnerable to a denial of service from a maliciously configured GitHub repository. The Git provider clones users repositories using the github.com/go-git/go-git/v5 library on lines L55-L89. The Git provider.....

CVE-2024-37904 Denial of service from maliciously configured Git repository in Minder

Minder is an open source Software Supply Chain Security Platform. Minder's Git provider is vulnerable to a denial of service from a maliciously configured GitHub repository. The Git provider clones users repositories using the github.com/go-git/go-git/v5 library on lines L55-L89. The Git provider.....

Minder affected by denial of service from maliciously configured Git repository

Minder's Git provider is vulnerable to a denial of service from a maliciously configured GitHub repository. The Git provider clones users repositories using the github.com/go-git/go-git/v5 library on these lines:...

Minder affected by denial of service from maliciously configured Git repository

Minder's Git provider is vulnerable to a denial of service from a maliciously configured GitHub repository. The Git provider clones users repositories using the github.com/go-git/go-git/v5 library on these lines:...

Signal Foundation Warns Against EU's Plan to Scan Private Messages for CSAM

A controversial proposal put forth by the European Union to scan users' private messages for detection of child sexual abuse material (CSAM) poses severe risks to end-to-end encryption (E2EE), warned Meredith Whittaker, president of the Signal Foundation, which maintains the privacy-focused...

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 8.0.3

Summary In addition to updates of open source dependencies, the following security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 8.0.3 Vulnerability Details ** CVEID: CVE-2022-46364 DESCRIPTION: **Apache CXF is vulnerable to server-side request forgery, caused...

Smart S210 Management Platform - Arbitary File Upload

A vulnerability has been found in Byzoro Smart S210 Management Platform up to 20240117 and classified as critical. This vulnerability affects unknown code of the file /Tool/uploadfile.php. The manipulation of the argument file_upload leads to unrestricted...

Duplicate Advisory: Keycloak: Leak of configured LDAP bind credentials

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-c25h-c27q-5qpv. This link is maintained to preserve external references. Original Description A vulnerability was found in Keycloak. The LDAP testing endpoint allows changing the Connection URL independently...

Keycloak: Leak of configured LDAP bind credentials

A vulnerability was found in Keycloak. The LDAP testing endpoint allows changing the Connection URL independently without re-entering the currently configured LDAP bind credentials. This flaw allows an attacker with admin access (permission manage-realm) to change the LDAP host URL ("Connection...

CyberChef - The Cyber Swiss Army Knife - A Web App For Encryption, Encoding, Compression And Data Analysis

CyberChef is a simple, intuitive web app for carrying out all manner of "cyber" operations within a web browser. These operations include simple encoding like XOR and Base64, more complex encryption like AES, DES and Blowfish, creating binary and hexdumps, compression and decompression of data,...

CVE-2024-5967

A vulnerability was found in Keycloak. The LDAP testing endpoint allows changing the Connection URL independently without re-entering the currently configured LDAP bind credentials. This flaw allows an attacker with admin access (permission manage-realm) to change the LDAP host URL ("Connection...

CVE-2024-5967

A vulnerability was found in Keycloak. The LDAP testing endpoint allows changing the Connection URL independently without re-entering the currently configured LDAP bind credentials. This flaw allows an attacker with admin access (permission manage-realm) to change the LDAP host URL ("Connection...

CVE-2024-5967 Keycloak: leak of configured ldap bind credentials through the keycloak admin console

A vulnerability was found in Keycloak. The LDAP testing endpoint allows changing the Connection URL independently without re-entering the currently configured LDAP bind credentials. This flaw allows an attacker with admin access (permission manage-realm) to change the LDAP host URL ("Connection...

CVE-2024-5967 Keycloak: leak of configured ldap bind credentials through the keycloak admin console

A vulnerability was found in Keycloak. The LDAP testing endpoint allows changing the Connection URL independently without re-entering the currently configured LDAP bind credentials. This flaw allows an attacker with admin access (permission manage-realm) to change the LDAP host URL ("Connection...

How are attackers trying to bypass MFA?

In the latest Cisco Talos Incident Response Quarterly Trends report, instances related to multi-factor authentication (MFA) were involved in nearly half of all security incidents that our team responded to in the first quarter of 2024. In 25% of engagements, the underlying cause was users...

XWiki < 4.10.20 - Remote code execution

XWiki Platform is a generic wiki platform. Starting in version 2.4-milestone-1 and prior to versions 4.10.20, 15.5.4, and 15.10-rc-1, XWiki's database search allows remote code execution through the search text. This allows remote code execution for any visitor of a public wiki or user of a closed....

XWiki < 4.10.15 - Sensitive Information Disclosure

XWiki Platform is a generic wiki platform. Starting in 7.2-milestone-2 and prior to versions 14.10.15, 15.5.2, and 15.7-rc-1, the Solr-based search in XWiki discloses the password hashes of all users to anyone with view right on the respective user profiles. By default, all user profiles are...

XWiki < 4.10.15 - Information Disclosure

The Solr-based search suggestion provider that also duplicates as generic JavaScript API for search results in XWiki exposes the content of all documents of all wikis to anybody who has access to it, by default it is public. This exposes all information stored in the wiki (but not some protected...

CVE-2024-5953

A denial of service vulnerability was found in the 389-ds-base LDAP server. This issue may allow an authenticated user to cause a server denial of service while attempting to log in with a user with a malformed hash in their...